SYMBOLCOMMON_NAMEaka. SYNONYMS
win.lokilocker (Back to overview)

LokiLocker


LokiLocker is a .Net ransomware, which was seen first in August 2021. This malware is protected with NETGuard (modified ConfuserEX) using the additional KoiVM virtualization plugin.
The victims were observed ti be scattered around the world, with main concentation in Estern Europe and Asia (BlackBerry).

References
2022-03-23MSSPAlertD. Howard Kass
@online{kass:20220323:lokilocker:a64c4a8, author = {D. Howard Kass}, title = {{LokiLocker Ransomware May Use False Flag to Avoid Identification}}, date = {2022-03-23}, organization = {MSSPAlert}, url = {https://www.msspalert.com/cybersecurity-research/lokilocker-ransomware-may-use-false-flag-to-avoid-identification/}, language = {English}, urldate = {2022-03-24} } LokiLocker Ransomware May Use False Flag to Avoid Identification
LokiLocker
2022-03-16The RegisterJeff Burt
@online{burt:20220316:blackberry:96c470c, author = {Jeff Burt}, title = {{BlackBerry says extortionists erase documents if ransom unpaid}}, date = {2022-03-16}, organization = {The Register}, url = {https://www.theregister.com/2022/03/16/blackberry_lokilocker_ransomware/}, language = {English}, urldate = {2022-03-17} } BlackBerry says extortionists erase documents if ransom unpaid
LokiLocker
2022-03-16BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20220316:new:e28d7c2, author = {The BlackBerry Research & Intelligence Team}, title = {{New Ransomware Family Identified: LokiLocker RaaS Targets Windows Systems}}, date = {2022-03-16}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/03/lokilocker-ransomware}, language = {English}, urldate = {2022-03-17} } New Ransomware Family Identified: LokiLocker RaaS Targets Windows Systems
LokiLocker

There is no Yara-Signature yet.